CN102264067A - Method and equipment for processing safety function in switching process - Google Patents
Method and equipment for processing safety function in switching process Download PDFInfo
- Publication number
- CN102264067A CN102264067A CN2010101920332A CN201010192033A CN102264067A CN 102264067 A CN102264067 A CN 102264067A CN 2010101920332 A CN2010101920332 A CN 2010101920332A CN 201010192033 A CN201010192033 A CN 201010192033A CN 102264067 A CN102264067 A CN 102264067A
- Authority
- CN
- China
- Prior art keywords
- integrity protection
- message
- handover
- rnc
- parameter
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a method and equipment for processing safety function in a switching process. The method comprises the following steps: after a wireless network controller determines that user equipment needs to be switched to TD-SCDMA (Time Division-Synchronization Code Division Multiple Access) from GSM (Global System for Mobile Communications), a command message of switching to a UMTS terrestrial radio access network is sent to the user equipment by virtue of a base station system through a core network, and the message carries parameters required for starting integrity protection of user equipment; when the user equipment fails, a switching failure message is fed back to the wireless network controller; when the user equipment is successful, a completion message of switching to the UMTS terrestrial radio access network, which carries a message authentication code, is fed back to the wireless network controller; and the message authentication code is determined according to the parameters required for starting integrity protection and carried in the command message of switching to a UMTS terrestrial radio access network. In the method, two messages are changed to realize the purpose of simplifying two air interface processes required for starting the safety function into one air interface process after the GSM system is switched to the UTRAN, and the air interface signaling interaction is reduced.
Description
Technical field
The present invention relates to mobile communication technology, the processing method and the equipment of safety function in particularly a kind of handoff procedure.
Background technology
3GPP TS 33.102 V8.0.0 (2008-06) 6.8.5,6.8.7 joint, require to work as from GSM (GlobalSystem for Mobile communication, global system for mobile communications) BSS (Base Stationsystem, base station system) switches to UTRAN (UMTS Terrestrial Radio Access Network, UMTS Terrestrial radio access network; UMTS:Universal Mobile Telecommunications System; universal mobile telecommunications system) time; SRB (Signal Radio Bear; Signaling Radio Bearer) integrity protection should initiatively be initiated by RNC (Radio Network Controller, radio network controller) after switching is finished.
3GPP TS 25.413 V8.0.0 (2008-06) 8.7 chapters and sections have been described when the BSS of GSM switches to UTRAN, the IU mouth flow process of CN (Core Network, core net) and RNC.
3GPP TS 25.331 V8.6.0 (2009-03) 8.3.6 has described the flow process of eating dishes without rice or wine when the BSS of GSM switches to UTRAN.
Fig. 1 is the schematic flow sheet of GSM Handover To UTRAN (GSM switches to UTRAN), comprehensive above-mentioned three part agreement specified content, when the BSS of GSM switches to UTRAN, as shown in the figure:
If the GSM side is encrypted; switch to TD-SCDMA (Time Division SynchronizedCode Division Multiple Access; TD SDMA inserts) during system; the startup of fail safe comprises two processes, switches the process and the integrity protection process of (following encryption).When the BSS of GSM decision-making is initiated to switch between RNC initiation system, CN in Relocation Request (re-positioning request), carry current UE the RNC side encrypt the information Encryption Information (enciphered message) that needs and integrity protection need information Encryption Information.Relocation Request message structure can be referring to 3GPP TS 25.413 V8.0.0 (2008-06) 9.1.10 chapters and sections.
RRC (Radio Resource Control, Radio Resource control) the relevant information INTER RAT HANDOVER INFO (handover information between wireless access technology that the switching of the known UTRAN side of UE is required; INTER RAT:inter Radio Access Technology is between wireless access technology) be carried to Target RNC by the ToTargetRNC-Container in the RelocationRequest message (to the container of Target RNC).UE security information (UE security information among the INTER RAT HANDOVER INFO; UE:User Equipment, subscriber equipment) comprises CS (Circuit Switch, circuit switching) Start of Shi Yonging (beginning) value, UE security information2 comprises PS (Packet Switch, packet switching) the Start value of Shi Yonging comprises encryption and integral algorithm that securityCapability (security capabilities) record UE supports among the UE capability container (UE capability container).INTER RATHANDOVER INFO relevant information can be referring to 3GPP TS 25.331 V8.6.0 (2009-03) 10.2.16d, 8.1.16 chapters and sections.
After the success of RNC side Resources allocation, organize container handoverToUTRANCommand (the switching to the UTRAN order) message of TargetRNC-ToSourceRNC-TransparentContainer (Target RNC is to source RNC transmission container) in Relocation Request Acknowledge (re-positioning request affirmation) message to send to UE by gsm system, portability Ciphering algorithm (cryptographic algorithm) in the message, start the UTRAN side behind the indication UE handover success and encrypt, the expression encryption function is along with the handoff procedure synchronous triggering.After UE receives handoverToUTRANCommand message handover success, send handoverToUTRANComplete (switching to UTRAN finishes) to RNC.
RNC returns Relocation complete (reorientation is finished) message to CN after receiving handoverToUTRANComplete, switches between system and finishes.At this moment; the RNC side organizes securityModeCommand (safe mode command) message that the relevant information that integrality comprises is sent to UE; notice UE starts integrity protection; return securityModeComplete (safe mode is finished) message to RNC; at this moment, the integrity protection function on of signaling.So far, switching back UTRAN side encrypts and the integrity protection function on.
The deficiencies in the prior art are: space interface signaling is more alternately in the fail safe start-up course.
Summary of the invention
Technical problem solved by the invention has been to provide the processing method and the equipment of safety function in a kind of handoff procedure, and is mutual in order to space interface signaling in the minimizing fail safe start-up course.
The processing method of safety function in a kind of handoff procedure is provided in the embodiment of the invention, has comprised the steps:
RNC determines that UE needs to switch to TD-SCDMA from GSM;
RNC sends HANDOVER TO UTRAN COMMAND (switch to UTRAN order) message by BSS to UE through CN, and carries the parameter that UE startup integrity protection needs in this message.
The processing method of safety function in a kind of handoff procedure is provided in the embodiment of the invention, has comprised the steps:
UE determines whether successfully to switch to TD-SCDMA from GSM;
Feed back switch failure information to RNC during failure; the HANDOVER TO UTRAN COMPLETE message that when success carried Messageauthentication code to the RNC feedback, described Messageauthentication code is that the parameter of the startup integrity protection needs that carry in the HANDOVER TO UTRAN COMMAND message that sends according to RNC is determined.
A kind of radio network controller is provided in the embodiment of the invention, has comprised:
The switching judging module is used for determining that UE needs to switch to TD-SCDMA from GSM;
Parameter is carried module, is used for carrying the parameter that UE starts the integrity protection needs in HANDOVER TO UTRAN COMMAND message;
Sending module is used for sending HANDOVER TO UTRANCOMMAND message by BSS to UE through CN.
A kind of subscriber equipment is provided in the embodiment of the invention, has comprised:
Switch determination module, be used for determining whether successfully UE switches to TD-SCDMA from GSM;
Parameter is carried module, be used for when handover success, carry Message authentication code in HANDOVER TO UTRANCOMPLETE message, described Messageauthentication code is that the parameter of the startup integrity protection needs that carry in the HANDOVER TO UTRAN COMMAND message that sends according to RNC is determined;
Feedback module is used for feeding back switch failure information to RNC when handoff failure, the HANDOVER TO UTRANCOMPLETE message of having carried Message authentication code to the RNC feedback when handover success.
Beneficial effect of the present invention is as follows:
In the technical scheme that the embodiment of the invention provides; when in handoff procedure, safety function being handled; RNC determines that UE needs to switch to TD-SCDMA from GSM; then send HANDOVER TO UTRAN COMMAND message by BSS to UE, and in this message, carry the parameter that UE startup integrity protection needs through CN.
And when failure fed back switch failure information to RNC; the HANDOVER TO UTRAN COMPLETE message that when success carried Messageauthenti cation code to the RNC feedback, Messageauthentication code is that the parameter of the startup integrity protection needs that carry in the HANDOVER TO UTRAN COMMAND message that sends according to RNC is determined.
Owing to, in HANDOVER TO UTRAN COMMAND message, increase the alternative security Mode Command message of Integrity protection mode info and indicate UE to start the integrity protection process in the RNC side.
And in the UE side, in HANDOVER TO UTRAN COMPLETE message, increase IE:Integrity check info and indicate the integrity protection process to start successfully.
Therefore, the change by these two message has realized that will switch to behind the UTRAN safety function from gsm system starts two processes of eating dishes without rice or wine that need and be reduced to the process of eating dishes without rice or wine, and has reduced the mutual of space interface signaling.
Description of drawings
Fig. 1 is the schematic flow sheet of GSM Handover To UTRAN in the background technology;
Fig. 2 is the processing method implementing procedure schematic diagram of safety function in the RNC side handoff procedure in the embodiment of the invention;
Fig. 3 is the processing method implementing procedure schematic diagram of safety function in the UE side handoff procedure in the embodiment of the invention;
Fig. 4 is a radio network controller structural representation in the embodiment of the invention;
Fig. 5 is a user device architecture schematic diagram in the embodiment of the invention.
Embodiment
The inventor notices in the invention process:
After switching to UTRAN from GSM, the startup of fail safe needs two processes of eating dishes without rice or wine, and two functions of fail safe are encrypted and integrity protection function right and wrong trigger simultaneously.
Describe according to existing protocol, when when GSM switches to UTRAN, the startup of fail safe comprises two flow processs of eating dishes without rice or wine, and carries out switching flow earlier, switching is finished after in the execution safety mode process.So do and cause the deficiencies in the prior art to be:
The time delay of whole process is long, and interoffice signaling is more alternately.In addition; aspect two of UTRAN side fail safe: encryption and integrity protection separately carry out; the execution of encrypting has precedence over the carrying out of integrity protection; but in the repositioning process between startup of the fail safe in RNC and RNC; integrity protection and encryption are all carried out synchronously; from protocol description with realize, will encrypt with these two functions associated of integrity protection isolate open all comparatively unreasonable.
In addition, if follow-up safety mode process failure will have encryption but phenomenon that integrity protection does not start in the RNC side, and this may cause call drop.
Given this, the technical scheme that provides in the embodiment of the invention will make RNC switch to the TD network development process from GSM in processing, realize simultaneously encrypting and integrity protection.Below in conjunction with accompanying drawing the specific embodiment of the present invention is described.
Fig. 2 is the processing method implementing procedure schematic diagram of safety function in the RNC side handoff procedure, as shown in the figure, can comprise the steps:
In the enforcement, SECURITY MODE COMMAND (safe mode command) message content that RNC starts integrity protection can comprise following IE (Information Element, information unit):
Security capability (security capabilities), CN domain identity (core network domain sign), Integrity protection mode info (integrity protection pattern information).Wherein, Security capability carries the back by the INTER RAT HANDOVER INFO among the ToTargetRNC-Container and brings Target RNC by gsm system.CN domain identity extends this as LATEST_CONFIGURED_CN_DOMAIN (core network domain disposes recently) by protocol requirement.
Start the relevant parameter that integrity protection needs and fill among the Integrity protection mode info.Promptly Security capability, CN domain identity information UE are known at this moment; therefore only relevant information needs RNC to indicate to UE among the Integrityprotection mode info, can increase Integrity protection mode info in HANDOVER TO UTRAN COMMAND message and does not use SECURITY MODE COMMAND (safe mode command) indication UE startup integrity protection.Also promptly:
In concrete the enforcement, RNC sends HANDOVER TO UTRANCOMMAND message by BSS to UE through CN, can comprise:
RNC sends the Relocation Request ACK message that carries HANDOVER TO UTRAN COMMAND message to CN;
CN sends the handover Command message that carries HANDOVER TO UTRAN COMMAND message to BSS;
BSS sends the handover Command message that carries HANDOVER TO UTRAN COMMAND message to UE.
Concrete; carrying the parameter that the startup integrity protection needs in HANDOVER TO UTRAN COMMAND message, can be to increase Integrity protection mode info to indicate UE to start the parameter that integrity protection needs in HANDOVER TO UTRAN COMMAND message.
Integrity protection mode info can comprise:
Integrity protection mode command option is selected Start;
The algorithm of supporting among the Security capability of Integrity protection algorithm option selection UE;
Integrity protection initialisation number is generated at random by RNC;
Downlink integrity protection activation info does not occur.
Concrete enforcement is as follows.
Table 1
| Information Element/Group name (information unit/group's title) | Need (essential) | Multi (scope) | Type and reference (type and reference) | Semantics description (semantic description) |
| Message Type (type of message) | MP (essential) | Message Type | ||
| UE information elements (UE information unit) | ||||
| Security?capability | ?MP | Security capability 10.3.3.37 | ||
| Integrity protection mode?info | OP (optional) | Integrity protection mode?info 10.3.3.19 | Only present if integrity protection shall be controlled (only when constraint appears in integrity protection, occurring) | |
| CN Information elements (CN information unit) | ||||
| CN?domain?identity | ?MP | CN domain identity 10.3.1.1 | Indicates which ciphering and integrity protection keys are applicable (pointing out which key and integrity protection key are available) |
Table 2
Integrity protection mode info content can be as follows:
| Information Element/Group?name | Need | Multi | Type?and reference | Semantics?description |
| Integrity protection mode command (integrity protection mode command) | MP | (start modify) (enumerates (starting point, change)) to Enumera ted | ||
| Downlink integrity protection activation info (down link integrity protection active information) | CV-mo dify (Cond ition on Value condition is optional, depends on the value of Integrit y protecti on mode comma nd) | Integrity protectio n activatio n info 10.3.3.17 | ||
| Integrity protection algorithm (integrity protection rule) | OP | Integrity protectio n algorith m 10.3.3.18 | ||
| Integrity protection initialisation number (integrity protection random value) | CV-star t | Bit string(32 ) | FRESH [40] .The first/leftmost bit of the bit string contains the most significant bit of the FRESH. (beginning [40], Bit String | |
| First/the Far Left bit comprises the most effective bit that begins) |
Concrete, can in HANDOVER TO UTRAN COMMAND message, increase Integrityprotection mode info and indicate UE integrity protection relevant parameter.Integrity protection mode command selects Start among the Integrity protection modeinfo, the algorithm of supporting among the Security capability of Integrity protection algorithm selection UE, Integrity protection initialisationnumber is generated at random by RNC, and Downlink integrity protection activation info does not occur.
Table 3
| Information Element/Group name | Need | Multi | Type and reference | Semantic s descriptio n | Versi on |
| New?U-RNTI | MP | U-RNTI Short 10.3.3.4 8 | |||
| Integrity?protection mode?info | OP | Integrity protectio n mode info 10.3.3.1 9 | Carry out when GSM switches between the UTRAN system and can comprise this IE | ||
| Ciphering algorithm (cryptographic algorithm) | OP | Cipherin g algorith m 10.3.3.4 | |||
| RNC support for change of UE capability (RNC supports the UE ability to change) | MP | Boolean (boolean) | REL-7 (version 7) | ||
| New?H-RNTI | OP | H-RNTI 10.3.3.1 4a | REL-6 (version 6) | ||
| New Primary E-RNTI | OP | E-RNTI 10.3.3.1 | REL- 6 | ||
| 0a | |||||
| New Secondary E-RNTI | OP | E-RNTI 10.3.3.1 0a | FDD?only | REL- 6 | |
| Specification?mode information elements | REL- 8 | ||||
| Default configuration for CELL_FACH (CELL_FACH default configuration) | OP | Default configur ation?for CELL_F ACH 10.3.4.0a | REL- 8 | ||
| CHOICE specification mode (canonical schema selection) | MP | ||||
| >Complete specification (performance specification) | |||||
| RB information elements (radio bearer information unit) | |||||
| >>Signalling RB information to setup?list | MP | 1to <maxSRB setup> | For?each signalling radio bearer establishe d | ||
| >>RAB information to setup?list | OP | 1to <maxRAB setup> | For?each RAB establishe d | ||
| Uplink transport channels | |||||
| Downlink?transport channels | |||||
| Uplink radio resources | |||||
| Downlink radio resources | |||||
| Frequency?info | MP | Frequenc y?info 10.3.6.3 | |||
| 6 | |||||
| Multi-frequency Info | OP | Multi-fre quency Info 10.3.6.3 9a | This?IE?is used?for 1.28 Mcps TDD only | REL- 7 | |
| Maximum?allowed UL?TX?power | MP | Maximu m allowed UL TX power 10.3.6.3 9 |
Be the implementation of RNC side above, will the enforcement of UE side be described below.
In declarative procedure, though be to describe from the enforcement of UE and RNC side respectively, but this does not also mean that the two must cooperate enforcement, in fact, when UE and RNC divide when beginning to implement, its UE side that also solves separately, the problem of RNC side when just the two is used in combination, can obtain better technique effect.
Fig. 3 is the processing method implementing procedure schematic diagram of safety function in the UE side handoff procedure, as shown in the figure, can comprise the steps:
Feed back switch failure information to RNC when step 302, failure; the HANDOVER TO UTRAN COMPLETE message that when success carried Message authentication code to the RNC feedback, described Message authentication code is that the parameter of the startup integrity protection needs that carry in the HANDOVER TO UTRANCOMMAND message that sends according to RNC is determined.
In the enforcement; the parameter that the startup integrity protection that HANDOVER TO UTRAN COMMAND message is carried needs can be to increase Integrity protection mode info to indicate UE to start the parameter that integrity protection needs in HANDOVER TO UTRAN COMMAND message.
In the enforcement, Integrity protection mode info can comprise:
Integrity protection mode command option is selected Start;
The algorithm of supporting among the Security capability of Integrity protection algorithm option selection UE;
Integrity protection initialisation number is generated at random by RNC;
Downlink integrity protection activation info does not occur.
In the enforcement, HANDOVER TO UTRAN COMPLETE message can be to carry Message authentication code (message authentication code) in the Integrity check info (integrity check info) that increases.
In concrete the enforcement, can increase Integrity check info indication HANDOVER TO UTRAN COMPLETE in HANDOVER TO UTRAN COMPLETE message is article one message of up startup integrity protection.
UE uses relevant parameter calculating Message authentication code (message authentication code) to be filled among the Integrity check info then, and the Messageauthentication code that RNC uses corresponding calculation of parameter expectation to receive checks the integrality of signaling.
Also promptly, in the RNC side, can further include:
After RNC receives the switch failure information of UE feedback, press the UE handoff failure and handle;
After RNC receives the HANDOVERTO UTRAN COMPLETE message of having carried Message authentication code of UE feedback; RNC determines Message authentication code according to the parameter of the startup integrity protection needs on the RNC, and checks the signaling integrality with Message authenticationcode in this Message authenticationcode that determines and the HANDOVER TO UTRAN COMPLETE message.
Concrete; in HANDOVER TO UTRAN COMMAND message, use Integrityprotection mode info to indicate UE integrity protection relevant parameter; if UE thinks that these configurations are effectively, can return HANDOVER TO UTRAN COMPLETE sign handover success.This moment, UE used relevant parameter calculating Message authenticationcode among the Integrity protection mode info, otherwise UE sends the handoff failure order to BSC, and UE still can reside in the 2G network.
RNC receives HANDOVER TO UTRAN COMPLETE sign UE handover success, and RNC uses the Message authentication code of the relevant parameter calculation expectation reception that sends to UE.RNC can not receive response message, then thinks handoff failure.
Concrete enforcement is as follows.
Table 4
| Information Element/Group?name | Need | Multi | Type?and reference | Semantics?description |
| Message?Type | MP | Message Type | ||
| UE Information elements | ||||
| Integrity?check?info | CH (con tion ov history condition is optional, depends on the content of history message) | Integrity check info 10.3.3.16 | ||
| START list (Start value list) | CH | 1?to <maxC Ndomai ns> | START[40]values for?all?CN?domains. | |
| >CN?domain?identity | MP | CN domain identity 10.3.1.1 | ||
| >START | MP | START 10.3.3.38 | ||
| RB Information elements | ||||
| COUNT-C activation time | OP | Activatio n?time 10.3.3.1 | Used for radio bearers?mapped?on RLC-TM. |
Integrity check info thes contents are as follows:
Table 5
| Information Element/Group name | Need | Multi | Type and reference | Semantics description |
| Message | MP | Bit | MAC-I[40] .The | |
| Authentication code | String (32) | First/leftmost bit of the bit string contains the most significant bit of the MAC-I.The 27 MSB of the IE shall be set to zero and the 5 LSB of the IE shall be set to the value of the IE " RB identity " for the used signalling radio bearer when the encoded RRC message is used as the MESSAGE parameter in the integrity protection algorithm. (first/leftmost bit string position has comprised the bit of most important MAC. For available radio bearer when when the RRC message of having encoded is used as the protection algorithm integrallty of MESSAGE parameter, IE 27 highest orders should be set to zero, should be set to the value " RB sign " of IE at IE 5 lowest orders) | ||
| RRC Message sequence number (RRC message SN) | MP | Integer (0..15) | The local RRC hyper frame number (RRC HFN) is concatenated with the RRC message sequence number to form the input parameter COUNT-I for the integrity protection algorithm. The IE value shall be set to zero when the | |
| (local RRC Hyper Frame Number (RRC HFN) and RRC message SN link together encoded RRC message is used as the MESSAGE parameter in the integrity protection algorithm., form the protection algorithm integrallty of input parameter COUNT-I.When RRC message was used as the protection algorithm integrallty of MESSAGE parameter, the value of IE should be set to zero.) |
Based on same inventive concept, a kind of RNC, subscriber equipment also are provided in the embodiment of the invention, because the processing method of safety function is similar in the handoff procedure of these equipment principle of dealing with problems and RNC side, the enforcement of UE side, therefore the enforcement of these equipment can repeat part and repeat no more referring to the enforcement of method.
Fig. 4 is the radio network controller structural representation, as shown in the figure, can comprise among the RNC:
Switching judging module 401 is used for determining that UE needs to switch to TD-SCDMA from GSM;
Parameter is carried module 402, is used for carrying the parameter that UE starts the integrity protection needs in HANDOVER TO UTRAN COMMAND message;
Sending module 403 is used for sending HANDOVER TO UTRANCOMMAND message by BSS to UE through CN.
In the enforcement, sending module can be further used for sending the Relocation Request ACK message that carries HANDOVER TOUTRAN COMMAND message to CN.
In the enforcement; parameter is carried module and can be further used for carrying in HANDOVER TO UTRANCOMMAND message when starting the parameter that integrity protection needs, and increases Integrity protection mode info and indicate UE to start the parameter that integrity protection needs in HANDOVER TOUTRAN COMMAND message.
In the enforcement, parameter is carried module can be further used for as follows determining option among the Integrity protectionmode info:
Integrity protection mode command option is selected Start;
The algorithm of supporting among the Security capability of Integrity protection algorithm option selection UE;
Integrity protection initialisation number is generated at random by RNC;
Downlink integrity protection activation info does not occur.
In the enforcement, can further include among the RNC:
Switch post-processing module 404, be used for after the switch failure information that receives the UE feedback, press the UE handoff failure and handle; After the HANDOVER TO UTRAN COMPLETE message of having carried Message authentication code that receives the UE feedback; parameter according to the startup integrity protection needs on the RNC is determined Message authentication code, and checks the signaling integrality with the Messageauthentication code in this Messageauthentication code that determines and the HANDOVER TO UTRAN COMPLETE message.
Fig. 5 is the user device architecture schematic diagram, as shown in the figure, can comprise among the UE:
Parameter is carried module 502, be used for when handover success, carry Message authentication code in HANDOVER TO UTRANCOMPLETE message, described Messageauthentication code is that the parameter of the startup integrity protection needs that carry in the HANDOVER TO UTRAN COMMAND message that sends according to RNC is determined;
In the enforcement, parameter is carried module and can be further used for Integrity protection mode info from the HANDOVER TOUTRAN COMMAND message that RNC sends and obtain UE and start parameter that integrity protection needs.
In the enforcement, parameter is carried module can be further used for obtaining following option from Integrity protection mode info:
Integrity protection mode command option is selected Start;
The algorithm of supporting among the Security capability of Integrity protection algorithm option selection UE;
Integrity protection initialisation number is generated at random by RNC;
Downlink integrity protection activation info does not occur.
In the enforcement, parameter is carried among the Integrity check info that module can be further used for increasing in HANDOVER TO UTRANCOMPLETE message and is carried Message authenticationcode.
For the convenience of describing, the each several part of the above device is divided into various modules with function or the unit is described respectively.Certainly, when enforcement is of the present invention, can in same or a plurality of softwares or hardware, realize the function of each module or unit.
As seen from the above-described embodiment, owing to, in HANDOVER TO UTRANCOMMAND message, increase the alternative security ModeCommand message of Integrity protection mode info and indicate UE to start the integrity protection process in the RNC side.
And in the UE side, in HANDOVER TO UTRAN COMPLETE message, increase IE:Integrity check info and indicate the integrity protection process to start successfully.
Change by these two message has realized that will switch to behind the UTRAN safety function from gsm system starts two processes of eating dishes without rice or wine that need and be reduced to the process of eating dishes without rice or wine.
Further, if the integrality configuration can not be by the UE successful implementation, UE can return handoff failure in the GSM side, and UE still can reside in gsm system.After avoiding UE to switch to UTRAN,, improve user satisfaction because the integrity protection configuration failure causes UE possibility call drop.
As seen, technical scheme handling process and specific implementation that the embodiment of the invention provides are simple, and with respect to the existing protocol scheme, this scheme can shorten processing delay, reduce and eat dishes without rice or wine alternately, save interface-free resources and can reduce conversation loss.
Those skilled in the art should understand that embodiments of the invention can be provided as method, system or computer program.Therefore, the present invention can adopt complete hardware embodiment, complete software implementation example or in conjunction with the form of the embodiment of software and hardware aspect.And the present invention can adopt the form that goes up the computer program of implementing in one or more computer-usable storage medium (including but not limited to magnetic disc store, CD-ROM, optical memory etc.) that wherein include computer usable program code.
The present invention is that reference is described according to the flow chart and/or the block diagram of method, equipment (system) and the computer program of the embodiment of the invention.Should understand can be by the flow process in each flow process in computer program instructions realization flow figure and/or the block diagram and/or square frame and flow chart and/or the block diagram and/or the combination of square frame.Can provide these computer program instructions to the processor of all-purpose computer, special-purpose computer, Embedded Processor or other programmable data processing device to produce a machine, make the instruction of carrying out by the processor of computer or other programmable data processing device produce to be used for the device of the function that is implemented in flow process of flow chart or a plurality of flow process and/or square frame of block diagram or a plurality of square frame appointments.
These computer program instructions also can be stored in energy vectoring computer or the computer-readable memory of other programmable data processing device with ad hoc fashion work, make the instruction that is stored in this computer-readable memory produce the manufacture that comprises command device, this command device is implemented in the function of appointment in flow process of flow chart or a plurality of flow process and/or square frame of block diagram or a plurality of square frame.
These computer program instructions also can be loaded on computer or other programmable data processing device, make on computer or other programmable devices and to carry out the sequence of operations step producing computer implemented processing, thereby the instruction of carrying out on computer or other programmable devices is provided for being implemented in the step of the function of appointment in flow process of flow chart or a plurality of flow process and/or square frame of block diagram or a plurality of square frame.
Although described the preferred embodiments of the present invention, in a single day those skilled in the art get the basic creative notion of cicada, then can make other change and modification to these embodiment.So claims are intended to all changes and the modification that are interpreted as comprising preferred embodiment and fall into the scope of the invention.
Obviously, those skilled in the art can carry out various changes and modification to the present invention and not break away from the spirit and scope of the present invention.Like this, if of the present invention these are revised and modification belongs within the scope of claim of the present invention and equivalent technologies thereof, then the present invention also is intended to comprise these changes and modification interior.
Claims (18)
1. the processing method of safety function in the handoff procedure is characterized in that, comprises the steps:
Radio network controller (RNC) determines that user equipment (UE) needs to switch to TD SDMA from global system for mobile communications GSM and inserts TD-SCDMA;
RNC sends to UE by base station system BSS through core net CN and switches to UMTS Terrestrial radio access network order HANDOVER TO UTRAN COMMAND message, and carries the parameter that UE startup integrity protection needs in this message.
2. the method for claim 1 is characterized in that, RNC sends HANDOVER TO UTRAN COMMAND message by BSS to UE through CN, comprising:
RNC sends the re-positioning request that carries HANDOVER TO UTRAN COMMAND message to CN and confirms Relocation Request ACK message;
CN sends the switching command handover Command message that carries HANDOVER TO UTRAN COMMAND message to BSS;
BSS sends the handover Command message that carries HANDOVER TO UTRAN COMMAND message to UE.
3. the method for claim 1; it is characterized in that; carrying in HANDOVER TO UTRANCOMMAND message and start the parameter that integrity protection needs, is to increase integrity protection pattern information Integrity protection modeinfo to indicate UE to start parameter that integrity protection needs in HANDOVER TOUTRAN COMMAND message.
4. method as claimed in claim 3 is characterized in that, Integrity protection mode info comprises:
Integrity protection mode command Integrity protection mode command option is selected beginning Start;
The algorithm of supporting among the security capabilities Security capability of integrity protection rule Integrity protection algorithm option selection UE;
Integrity protection random value Integrity protection initialisation number is generated at random by RNC;
Down link integrity protection active information Downlink integrity protection activation info does not occur.
5. as the arbitrary described method of claim 1 to 4, it is characterized in that, further comprise:
After RNC receives the switch failure information of UE feedback, press the UE handoff failure and handle;
What RNC received UE feedback has carried the switching to after UMTS Terrestrial radio access network finishes HANDOVER TO UTRAN COMPLETE message of message authentication code Message authentication code; RNC determines Message authenticationcode according to the parameter of the startup integrity protection needs on the RNC, and checks the signaling integrality with Message authentication code in this Message authentication code that determines and the HANDOVER TO UTRANCOMPLETE message.
6. the processing method of safety function in the handoff procedure is characterized in that, comprises the steps:
UE determines whether successfully to switch to TD-SCDMA from GSM;
Feed back switch failure information to RNC during failure; the HANDOVER TO UTRAN COMPLETE message that when success carried Messageauthentication code to the RNC feedback, described Messageauthentication code is that the parameter of the startup integrity protection needs that carry in the HANDOVER TO UTRAN COMMAND message that sends according to RNC is determined.
7. method as claimed in claim 6; it is characterized in that; the parameter that startup integrity protection that HANDOVER TO UTRANCOMMAND message is carried needs is to indicate UE to start parameter that integrity protection needs by the Integrity protection mode info that increases in the HANDOVER TOUTRAN COMMAND message.
8. method as claimed in claim 7 is characterized in that, Integrity protection mode info comprises:
Integrity protection mode command option is selected Start;
The algorithm of supporting among the Security capability of Integrity protection algorithm option selection UE;
Integrity protection initialisation number is generated at random by RNC;
Downlink integrity protection activation info does not occur.
9. as the arbitrary described method of claim 6 to 8, it is characterized in that HANDOVER TOUTRAN COMPLETE message is to carry Message authentication code's in the integrity check info Integrity check info that increases.
10. a radio network controller is characterized in that, comprising:
The switching judging module is used for determining that UE needs to switch to TD-SCDMA from GSM;
Parameter is carried module, is used for carrying the parameter that UE starts the integrity protection needs in HANDOVER TO UTRAN COMMAND message;
Sending module is used for sending HANDOVER TO UTRANCOMMAND message by BSS to UE through CN.
11. radio network controller as claimed in claim 10 is characterized in that, sending module is further used for sending the Relocation Request ACK message that carries HANDOVER TO UTRAN COMMAND message to CN.
12. radio network controller as claimed in claim 10; it is characterized in that; parameter is carried module and is further used for carrying in HANDOVER TO UTRAN COMMAND message when starting the parameter that integrity protection needs, and increases Integrityprotection mode info and indicate UE to start the parameter that integrity protection needs in HANDOVER TO UTRAN COMMAND message.
13. radio network controller as claimed in claim 12 is characterized in that, parameter is carried module and is further used for as follows determining option among the Integrity protection mode info:
Integrity protection mode command option is selected Start;
The algorithm of supporting among the Security capability of Integrity protection algorithm option selection UE;
Integrity protection initialisation number is generated at random by RNC;
Downlink integrity protection activation info does not occur.
14. as the arbitrary described radio network controller of claim 10 to 13, it is characterized in that, further comprise:
Switch post-processing module, be used for after the switch failure information that receives the UE feedback, press the UE handoff failure and handle; After the HANDOVER TO UTRAN COMPLETE message of having carried Message authentication code that receives the UE feedback; parameter according to the startup integrity protection needs on the RNC is determined Message authentication code, and checks the signaling integrality with the Messageauthentication code in this Messageauthentication code that determines and the HANDOVER TO UTRAN COMPLETE message.
15. a subscriber equipment is characterized in that, comprising:
Switch determination module, be used for determining whether successfully UE switches to TD-SCDMA from GSM;
Parameter is carried module, be used for when handover success, carry Message authentication code in HANDOVER TO UTRANCOMPLETE message, described Messageauthentication code is that the parameter of the startup integrity protection needs that carry in the HANDOVER TO UTRAN COMMAND message that sends according to RNC is determined;
Feedback module is used for feeding back switch failure information to RNC when handoff failure, the HANDOVER TO UTRANCOMPLETE message of having carried Message authentication code to the RNC feedback when handover success.
16. subscriber equipment as claimed in claim 15; it is characterized in that parameter is carried module and is further used for Integrityprotection mode info from the HANDOVER TO UTRAN COMMAND message that RNC sends and obtains UE and start parameter that integrity protection needs.
17. subscriber equipment as claimed in claim 16 is characterized in that, parameter is carried module and be further used for obtaining following option from Integrity protection mode info:
Integrity protection mode command option is selected Start;
The algorithm of supporting among the Security capability of Integrity protection algorithm option selection UE;
Integrity protection initialisation number is generated at random by RNC;
Downlink integrity protection activation info does not occur.
18. as the arbitrary described subscriber equipment of claim 15 to 17, it is characterized in that parameter is carried among the Integritycheck info that module is further used for increasing and carried Message authentication code in HANDOVER TO UTRAN COMPLETE message.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010192033.2A CN102264067B (en) | 2010-05-26 | 2010-05-26 | Method and equipment for processing safety function in switching process |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010192033.2A CN102264067B (en) | 2010-05-26 | 2010-05-26 | Method and equipment for processing safety function in switching process |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102264067A true CN102264067A (en) | 2011-11-30 |
| CN102264067B CN102264067B (en) | 2014-03-12 |
Family
ID=45010477
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010192033.2A Active CN102264067B (en) | 2010-05-26 | 2010-05-26 | Method and equipment for processing safety function in switching process |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102264067B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103297971A (en) * | 2012-02-29 | 2013-09-11 | 鼎桥通信技术有限公司 | Method and system for protecting integrity in communication system |
| CN111937356A (en) * | 2018-04-06 | 2020-11-13 | 瑞典爱立信有限公司 | Method, central unit and distributed unit of a radio network node for processing messages for transmission to a wireless device |
| CN115245003A (en) * | 2021-02-24 | 2022-10-25 | 北京小米移动软件有限公司 | Paging method, device and communication equipment |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1275872A (en) * | 1999-05-28 | 2000-12-06 | 日本电气株式会社 | Mobile telecommunication system |
| CN1478365A (en) * | 2000-11-28 | 2004-02-25 | ��˹��ŵ�� | A system for ensuring encrypted communication after handover |
| CN101014199A (en) * | 2007-03-02 | 2007-08-08 | 中兴通讯股份有限公司 | Method for canceling basic switch from TDCDMA to GSM of terminal |
| CN101175330A (en) * | 2007-10-18 | 2008-05-07 | 普天信息技术研究院有限公司 | Different system switching method for double-module double-standby terminal |
| CN101232731A (en) * | 2008-02-04 | 2008-07-30 | 中兴通讯股份有限公司 | Method and system for UE to generate cryptographic key switching from UTRAN to EUTRAN |
| CN101262667A (en) * | 2007-03-07 | 2008-09-10 | 中兴通讯股份有限公司 | An inter-system switching method for dual-mode and dual-idle mobile phone |
| CN101304600A (en) * | 2007-05-08 | 2008-11-12 | 华为技术有限公司 | Method and system for negotiating safety capability |
-
2010
- 2010-05-26 CN CN201010192033.2A patent/CN102264067B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1275872A (en) * | 1999-05-28 | 2000-12-06 | 日本电气株式会社 | Mobile telecommunication system |
| CN1478365A (en) * | 2000-11-28 | 2004-02-25 | ��˹��ŵ�� | A system for ensuring encrypted communication after handover |
| CN101014199A (en) * | 2007-03-02 | 2007-08-08 | 中兴通讯股份有限公司 | Method for canceling basic switch from TDCDMA to GSM of terminal |
| CN101262667A (en) * | 2007-03-07 | 2008-09-10 | 中兴通讯股份有限公司 | An inter-system switching method for dual-mode and dual-idle mobile phone |
| CN101304600A (en) * | 2007-05-08 | 2008-11-12 | 华为技术有限公司 | Method and system for negotiating safety capability |
| CN101175330A (en) * | 2007-10-18 | 2008-05-07 | 普天信息技术研究院有限公司 | Different system switching method for double-module double-standby terminal |
| CN101232731A (en) * | 2008-02-04 | 2008-07-30 | 中兴通讯股份有限公司 | Method and system for UE to generate cryptographic key switching from UTRAN to EUTRAN |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103297971A (en) * | 2012-02-29 | 2013-09-11 | 鼎桥通信技术有限公司 | Method and system for protecting integrity in communication system |
| CN103297971B (en) * | 2012-02-29 | 2016-06-22 | 鼎桥通信技术有限公司 | Completeness protection method in a kind of communication system and system |
| CN111937356A (en) * | 2018-04-06 | 2020-11-13 | 瑞典爱立信有限公司 | Method, central unit and distributed unit of a radio network node for processing messages for transmission to a wireless device |
| CN115245003A (en) * | 2021-02-24 | 2022-10-25 | 北京小米移动软件有限公司 | Paging method, device and communication equipment |
| CN115245003B (en) * | 2021-02-24 | 2024-03-12 | 北京小米移动软件有限公司 | Paging method, paging device and communication equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102264067B (en) | 2014-03-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3809756B1 (en) | Mobility management methods, apparatus, communications system and computer-readable storage medium | |
| EP3384698B1 (en) | Multi-rat access stratum security | |
| WO2015062097A1 (en) | Dual connection mode key processing method and device | |
| EP2465278B1 (en) | Method of providing telecommunications network security | |
| EP3255914A1 (en) | Key generation method, device and system | |
| CN103139911A (en) | Method for achieving carrier aggregation, base station and user equipment (UE) | |
| EP3293910B1 (en) | Device and method of handling cellular-wlan aggregation after handover | |
| CN101400059A (en) | Cipher key updating method and device under active state | |
| US10681550B2 (en) | Wireless local area network access method, base station controller, and user equipment | |
| EP3468253B1 (en) | Switching method and device | |
| CN105309007A (en) | Avoid key mismatch in security handling for multi frequency band | |
| CN110771191A (en) | Method and apparatus for implementing bearer-specific changes as part of a connection reconfiguration affecting a security key being used | |
| EP3533245A1 (en) | Methods supporting authentication in wireless communication networks and related network nodes and wireless terminals | |
| JP2017103770A (en) | Device and method of handling data transmission/reception for dual connectivity | |
| CN101552983A (en) | Key generating method, key generating device, mobile management entity and user equipment | |
| US9398510B2 (en) | Handover method, base station, user equipment, and mobility management entity | |
| US10708971B2 (en) | Mobility management method, user equipment, storage node, and base station | |
| CN103491519A (en) | Charging method and device under hybrid network | |
| CN102572816B (en) | Method and device for mobile switching | |
| CN102264067A (en) | Method and equipment for processing safety function in switching process | |
| KR102104844B1 (en) | Data transmission method, first device and second device | |
| CN101605324B (en) | Method, device and system for negotiating algorithm | |
| US20210377756A1 (en) | Communications Method, Communications Apparatus, and Computer-Readable Storage Medium | |
| CN101917717B (en) | The method and system of key are set up when interconnecting between a kind of GERAN and enhancing UTRAN | |
| EP4287748A1 (en) | Information transmission method and apparatus |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 100191 No. 40, Haidian District, Beijing, Xueyuan Road Patentee after: CHINA ACADEMY OF TELECOMMUNICATIONS TECHNOLOGY Address before: 100191 No. 40, Haidian District, Beijing, Xueyuan Road Patentee before: CHINA ACADEMY OF TELECOMMUNICATIONS TECHNOLOGY |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20210602 Address after: 100085 1st floor, building 1, yard 5, Shangdi East Road, Haidian District, Beijing Patentee after: DATANG MOBILE COMMUNICATIONS EQUIPMENT Co.,Ltd. Address before: 100191 No. 40, Haidian District, Beijing, Xueyuan Road Patentee before: CHINA ACADEMY OF TELECOMMUNICATIONS TECHNOLOGY |